Solved

AIX Encryption using EFS

Posted on 2013-06-20
1
1,437 Views
Last Modified: 2013-06-26
I was testing EFS on AIX 7.1. it was working when I decided to start over.
I deleted the filesystem and recreated the filesystem with the same name.
Now I get the following when entering root's EFS password:
efskeymgr -o ksh
root's EFS password:
Encryption framework returned an error: libefs bad parameter

I can change the password but still get the same error message.

Does anyone know how to fix this?

Also, once EFS is enabled with efsenable -a can it be disabled?

oslevel -s
7100-02-02-1316

lslpp -L | grep openssh
  openssh.base.client     6.0.0.6102    C     F    Open Secure Shell Commands
  openssh.base.server     6.0.0.6102    C     F    Open Secure Shell Server
  openssh.license         6.0.0.6102    C     F    Open Secure Shell License
  openssh.man.en_US       6.0.0.6102    C     F    Open Secure Shell
  openssh.msg.en_US       6.0.0.6102    C     F    Open Secure Shell Messages -

TIA,
Dan Kaib
0
Comment
Question by:scodhk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
ID: 39265238
Is your private key still valid?

efskeymgr -v

Maybe it could help regenerating the key

efskeymgr -R <algo>

e.g.

efskeymgr -R RSA_1024

And no, you can't revert the actions taken by efsenable (create admin/user/group keystores, create /var/efs, update /etc/security/user and /etc/security/group, update Config_Rules).

wmp
0

Featured Post

Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today - https://crimsonthorn.net

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question